Rule ID
SV-237341r879887_rule
Version
V2R1
CCIs
Configuring the application to implement organization-wide security implementation guides and security checklists ensures compliance with federal standards and establishes a common security baseline across DoD that reflects the most restrictive security posture consistent with operational requirements. Configuration settings are the set of parameters that can be changed that affect the security posture and/or functionality of the system. Security-related parameters are those parameters impacting the security state of the application, including the parameters required to satisfy other security control requirements.
Review the ArcGIS Server configuration to ensure it is deployed onto a Windows 2008 R2 or Windows 2012 R2 Active Directory Member server upon which the Windows Server 2012/2012 R2 Member Server Security Technical Implementation Guide or Windows Server 2008 R2 Member Server Security Technical Implementation Guide has been applied (respectively). If the server on which ArcGIS Server is deployed is not a Windows 2008 R2 or Windows 2012 R2 Active Directory member server which has the Windows Server 2012/2012 R2 Member Server Security Technical Implementation Guide or Windows Server 2008 R2 Member Server Security Technical Implementation Guide has been applied (respectively), this is a finding.
Deploy ArcGIS Server onto a Windows 2008 R2 or Windows 2012 R2 Active Directory Member server that aligns to the Windows Server 2012/2012 R2 Member Server Security Technical Implementation Guide or Windows Server 2008 R2 Member Server Security Technical Implementation Guide (respectively).